About IBM Cloud Floating IPs
Floating IP addresses are IP addresses that are provided by the system and are reachable from the public internet. They are allocated an IPv4 address which can be used for external connectivity in a number of ways.
You can reserve a floating IP address from the pool of available addresses that are provided by IBM, and you can associate it with a network interface of any instance in the same zone. That interface also will have a private IP address. Each floating IP address can be associated with only one interface or public gateway.
Currently, floating IP supports only IPv4 addresses.
External connectivity
External connectivity can be achieved by using either a public gateway that is attached to a subnet, or a floating IP address that is attached to a virtual server instance. Use a public gateway for source network address translation (SNAT) and a floating IP for destination network address translation (DNAT).
Associating a floating IP address with an instance removes the instance from the public gateway's Many-to-1 NAT.
Table 1 summarizes the differences between the options:
Public gateway | Floating IP |
---|---|
Instances can initiate connections to the internet, but they can't receive connections from the internet. | Instances can initiate or receive connections to or from the internet |
Provides connectivity for an entire subnet | Provides connectivity for a single instance |
For secure external connectivity, use the VPN service to connect your VPC to another network. For more information about VPNs, see Using VPN with your VPC.
Floating IPs use cases
Creating a floating IP is a standard way for you to acquire external connectivity for your services.
Use case 1: External connectivity
You can create and assign a floating IP to a virtual server instance to provide your service with outbound connectivity to a third-party vendor service or external service. One floating IP can be assigned to multiple virtual server instances and subnets.
The following diagram demonstrates the difference in applying external connectivity to a service through a public gateway and a floating IP address. In this scenario, three virtual server instances are connecting to services and customers through a public gateway and floating IP address.
External service 1 and External service 2 (logging) receive outbound traffic from Virtual server instance 1 and Virtual server instance 2 through a single Public gateway connection. Floating IP address 1, which is associated with this public gateway connection, allows the Virtual server instances to access External service 1 by IP address through a firewall. The External customer sends and receives traffic to and from Virtual server instance 3 through floating IP address 2:
Floating IP known issues
Issue: When you use the VPC API to list floating IP addresses on a bare metal server network interface, you might get an incomplete list of the floating IP addresses associated with the bare metal server network interface.
The floating IP associated with a bare metal network interface is not available before the network interface status
is available
.
Workarounds:
- Wait for the bare metal server network interfaces to be
available
before listing the floating IP addresses on the interfaces. - List all floating IPs to view those associated with bare metal server interfaces that are not yet
available
.